<?php
/**
 * Created by PhpStorm.
 * User: shnaider
 * Date: 20.01.2015
 * Time: 20:03
 */

class admin_controllers_ajax extends basecontroller
{
    function index()
    {
        $is_admin=admin_models_index::_is_logged();
        if (!$is_admin){
           exit;
        }

        if (isset($_GET['action'])) {
            $action = security::input_cut_filter($_GET['action']);
            switch ($action) {
                case 'DeletePortfolio':
                    self::delete_portfolio();
                    break;
                case 'EditPortfolio':
                    self::edit_portfolio();
                    break;
                case 'AddPortfolio':
                    self::add_portfolio();
                    break;
                case 'ChangePassword':
                    self::change_password();
                    break;
                case 'uploadimg':
                    self::uploadimg();
                    break;
                case 'ChangeStatus':
                    self::change_status();
                    break;

                default:
                    exit;
            }
        }
    }

public static function change_password(){

    $secure = new security;

    $key_num1 = $secure->key_num1;
    $key_num2 = $secure->key_num2;

    $id = security::input_cut_filter($_SESSION['whois']);
    $id = DB::escape($id);
    $old_passw = security::input_cut_filter($_POST['old_passw']);
    $old_passw = DB::escape($old_passw);

    $new_passw = security::input_cut_filter($_POST['new_passw']);
    $new_passw = DB::escape($new_passw);

    $new_passw2 = security::input_cut_filter($_POST['new_passw2']);
    $new_passw2 = DB::escape($new_passw2);


    if($old_passw == '' OR $new_passw == '' OR $new_passw2 == ''){
        echo json_encode(2);
        exit;
    }

    if($new_passw != $new_passw2){
        echo json_encode(3);
        exit;
    }

    $old_passw = hasher::hash($old_passw, $key_num1, $key_num2);
    $new_passw = hasher::hash($new_passw, $key_num1, $key_num2);
    $new_passw2 = hasher::hash($new_passw2, $key_num1, $key_num2);

    $select = DB::query_arr('SELECT * FROM users WHERE id="' . $id . '" AND passw="' . $old_passw . '"');
                    if (empty($select['0']['passw'])) {
                        echo json_encode(4);
                        exit;
                    }

    $update = DB::query('UPDATE users SET passw="'.$new_passw.'" WHERE id="' . $id .'"');

    if($update){
        echo json_encode(1);
        exit;
    } else {
        echo json_encode(0);
        exit;
    }

}

public static function delete_portfolio(){
    $portfolio_id = security::input_cut_filter($_POST['Portfolio']);
    $portfolio_id = DB::escape($portfolio_id);
    $delete = DB::query('DELETE FROM portfolio WHERE id='.$portfolio_id);

    if($delete){
        echo json_encode(1);
        exit;
    } else {
        echo json_encode(0);
        exit;
    }

}

public static function edit_portfolio(){
    $portfolio_id = security::input_cut_filter($_POST['Portfolio']);
    $portfolio_id = DB::escape($portfolio_id);
    $portfolio_comment = security::input_cut_filter($_POST['Comment']);
    $portfolio_comment = DB::escape($portfolio_comment);

    $update = DB::query('UPDATE portfolio SET comment="'.$portfolio_comment.'" WHERE id='.$portfolio_id);

    if($update){
        echo json_encode(1);
        exit;
    } else {
        echo json_encode(0);
        exit;
    }

}

public static function add_portfolio(){
    $portfolio_image = security::input_cut_filter($_SESSION['imgfile']);
    $portfolio_image = DB::escape($portfolio_image);
    $portfolio_comment = security::input_cut_filter($_POST['PortfolioCom']);
    $portfolio_comment = DB::escape($portfolio_comment);

    if($portfolio_image == ''){
        echo json_encode(2);
        exit;
    }

    if($portfolio_comment == ''){
        echo json_encode(3);
        exit;
    }

    $insert = DB::query('INSERT INTO portfolio (image_path,comment) VALUES ("'.$portfolio_image.'","'.$portfolio_comment.'")');

    if($insert){
        echo json_encode(1);
        exit;
    } else {
        echo json_encode(0);
        exit;
    }

}

public static function uploadimg(){
    $error = $_FILES['file']['error'];
    $file = $_FILES['file']['name'];
    $file_type = $_FILES['file']['type'];
    $file_size = $_FILES['file']['size'];
    $tmp = $_FILES['file']['tmp_name'];


    if ($error == 0){

        if ($file_size > 614400){
            $res['resp_code']=2;
            echo json_encode($res);
            exit;
        }

        if ($file_type != 'image/jpeg' && $file_type != 'image/jpg'){
            $res['resp_code']=3;
            echo json_encode($res);
            exit;
        }

        $new_file_name='img'.md5(date('dmYHis')).'.jpg';
        $upload = move_uploaded_file($tmp,'images/portfolio/'.$new_file_name);

        if($upload){
            $res['resp_code']=1;
            $res['filename']=$new_file_name;

            $_SESSION['imgfile']=$new_file_name;
            $_SESSION['imgfile']=trim($_SESSION['imgfile']);

            echo json_encode($res);
            exit;
        }else{
            $res['resp_code']=0;
            echo json_encode($res);
            exit;
        }

    }else{
        $res['resp_code']=0;
        echo json_encode($res);
        exit;
    }
}
public static function change_status(){

        $slct = DB::escape($_POST['slct']);
        $id = DB::escape($_GET['id']);

        if ((!empty($slct)) AND (!empty($id))) {

        $sql = "UPDATE zayavka SET Zstatus='$slct' WHERE id='$id'";

        if (DB::query($sql)) {
            echo json_encode(3);
            exit;
        }
        else {
            echo json_encode(1);
            exit;
        }
    }
    else {
        echo json_encode(2);
        exit;
    }

}
}